I know people who specifically end up with sumologic parsing logs, but they seem to have also been using kinesis on the 'front of the funnel'. We shipped logs from disk in the past but now have Zentral

ya will prob go down Zentral/Fleet path was just curious.

Fleet -> Kinesis -> Sumo has defniitely been done before. A direct Fleet -> Sumo logging plugin would probably not be hard to build.

ya ive done integrations with sumo of just sending a json file to sumo via http endpoint

*.